systemd-boot: add 'graceful' configuration option

On some systems bootctl cannot write the `LoaderSystemToken` EFI variable during installation, which results in a failure to install the boot loader. Upstream provides a flag (--graceful) to ignore such write failures - this change exposes it as a configuration option. As the exact semantics of this option appear to be somewhat volatile it should be used only if systemd-boot otherwise fails to install.
2025-06-12 12:45:27 +03:00 · 2021-09-26 17:54:36 +02:00 · 2021-09-26 17:54:36 +02:00 · 7bd84b6685
commit 7bd84b6685
parent 5e37cc3186
2 changed files with 26 additions and 5 deletions
--- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
+++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
@ -24,7 +24,7 @@ let

    configurationLimit = if cfg.configurationLimit == null then 0 else cfg.configurationLimit;

-    inherit (cfg) consoleMode;
+    inherit (cfg) consoleMode graceful;

    inherit (efi) efiSysMountPoint canTouchEfiVariables;

@ -126,6 +126,22 @@ in {
        '';
      };
    };
+
+    graceful = mkOption {
+      default = false;
+
+      type = types.bool;
+
+      description = ''
+        Invoke <literal>bootctl install</literal> with the <literal>--graceful</literal> option,
+        which ignores errors when EFI variables cannot be written or when the EFI System Partition
+        cannot be found. Currently only applies to random seed operations.
+
+        Only enable this option if <literal>systemd-boot</literal> otherwise fails to install, as the
+        scope or implication of the <literal>--graceful</literal> option may change in the future.
+      '';
+    };
+
  };

  config = mkIf cfg.enable {